4999e632f7f711f7077461e549c9b78c

Sharing

Copy URL Twitter E-mail

General

Target

4999e632f7f711f7077461e549c9b78c
Size

84KB
MD5

4999e632f7f711f7077461e549c9b78c
SHA1

ad07f9d72cd0e491aded76bd8b20b78e4611910e
SHA256

1d7622372e3982d43b9d56ce327873268d85374e097cc2be82fbb4f401ed202e
SHA512

89daca9ab48d7f292c72d773c4ef5df932a8c1721432be35e259a1200064f8f8505d732983acfd1403600f8949051909c524bf3012c4f9b20351db1cac725982
SSDEEP

1536:nvpfuT/QeORkG8VJ9JOn77ts8gIkCL67jEBkN5r:nv1O/jORkH7OnXts8eCL68abr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4999e632f7f711f7077461e549c9b78c

Files

4999e632f7f711f7077461e549c9b78c
.exe windows:4 windows x86 arch:x86

72981b59db2ca7152f8a677e94eb8b4d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetIconSize
ImageList_Copy
ImageList_DrawIndirect
ImageList_DragLeave
ImageList_Create
ImageList_Destroy
ImageList_AddIcon
ImageList_LoadImageW
ImageList_EndDrag
ImageList_AddMasked
ImageList_Remove
ImageList_BeginDrag
ImageList_DragEnter
ImageList_Replace
ImageList_LoadImage
ImageList_GetDragImage

kernel32

HeapAlloc
GetFileAttributesA
GetFullPathNameA
WideCharToMultiByte
lstrcpynA
lstrlenA
GetFileType
Sleep
lstrcmpA
GetLastError
GetFileSize
CloseHandle
DeleteFileA
GetStringTypeW
GetStdHandle
lstrcatA
GetCommandLineA
GlobalFree
GetLocalTime
SetLastError

advapi32

RegQueryValueA
RegQueryValueExW
RegReplaceKeyW
RegEnumKeyExW
RegQueryValueExA
RegEnumValueA
RegEnumValueW
RegQueryInfoKeyA
RegDeleteValueA
RegGetKeySecurity
RegDeleteKeyA
RegQueryInfoKeyW
RegLoadKeyW
RegOpenKeyA
RegEnumKeyA
RegCreateKeyW

user32

AlignRects
DrawIconEx
InsertMenuA
IsWindow
BlockInput
CopyImage
EndDialog
GetDC
DrawIcon
IsMenu
AppendMenuW
CloseWindow
GetWindowTextA
LoadCursorA
CalcMenuBar
LoadMenuA
DialogBoxParamA
AppendMenuA

gdi32

GetBitmapBits
CreateSolidBrush
AddFontResourceTracking
GetPixel
AddFontResourceExW
ExtTextOutA
BeginPath
RestoreDC
GetBrushOrgEx
AbortPath
AddFontResourceExA
CloseFigure
CloseMetaFile
AddFontMemResourceEx
CancelDC
DeleteObject
GetCurrentPositionEx
BitBlt
GetPixel

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 967B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72981b59db2ca7152f8a677e94eb8b4d

Headers

File Characteristics

Imports

comctl32

kernel32

advapi32

user32

gdi32

Sections

.text Size: 8KB - Virtual size: 4KB

.data Size: 64KB - Virtual size: 60KB

.rdata Size: 4KB - Virtual size: 48KB

.rsrc Size: 4KB - Virtual size: 967B

.text
Size: 8KB - Virtual size: 4KB

.data
Size: 64KB - Virtual size: 60KB

.rdata
Size: 4KB - Virtual size: 48KB

.rsrc
Size: 4KB - Virtual size: 967B